Securo-boffins call for 'self-aware' defensive technologies

Security boffins should concentrate on creating self-aware technologies that can learn from cyber attacks, summit experts say, proving that none of them have ever seen a movie about artificial intelligence.

Participants at the inaugural World Cyber Security Technology Research summit also reckoned figuring out how to protect smart grids and mobile networks should be top research priorities, according to their report.

The experts were particularly concerned about the damage from smart grid hacking:

Smart utility grids have, for a variety of reasons such as their size and accessibility, a raised susceptibility to cyber attacks. Such attacks can destroy national critical infrastructure and the need for smart grid cyber security is therefore imperative.

And if the thought of your electricity, gas and water in the hands of hackers wasn't enough to freak you out, they also mentioned they want security technologies that can think for themselves to protect us:

Research objectives in this area would include the development of cyber security technologies which have self-learning capabilities; self-awareness in cyber systems enabling early attack detection and self-configuration to defend against an attack; the establishment of feedback in cyber systems providing the capability of learning from cyber attacks.

So, just to be clear then, if these technologies did go rogue (and let's face it, they probably would) their top capability would be learning how to defend themselves from attack. Maybe the cure is worse than the disease…

Apart from dread scenarios of doom, the specialists are also worried about the security of mobile networks given the rapid uptake of smartphones worldwide.

"This issue will only increase due to convergence in mobile architectures and the number of mobile users - five billion compared with 1.5 billion on the internet," said Patrick Traynor, associate professor at Georgia Tech. "Malicious behaviour will simply follow utility - as mobile phones become the dominant computing platform, the expectation must be that they will be regularly targeted."

The report also said that technology alone wouldn't be enough to fight cyber crime:

Next generation cyber security research must take into account social, political, legal and economic aspects of this space. Social behavioural norms in cyber space need to be investigated, societal desires such as trust, safety, freedom and privacy must be examined, and attitudes to cyber security in source countries of cyber attacks should be studied.

The Centre for Secure Information Technology (CSIT) hosted security experts from the UK's Home Office, US Dept of Commerce and the awesomely-named US Cyber Consequences Unit as well as universities, defence and IT companies at the summit in Belfast earlier this year. The resulting report (pdf) was published yesterday. ®